An organization implements data loss prevention (DLP) technology but configures it in monitor-only mode indefinitely, never enabling enforcement. What is the PRIMARY limitation of this approach?

Home › MCQs › CISA › Question #6865

CISA QUESTION #6865

Question 1

Incomplete implementation
DLP provides visibility but no actual data loss prevention without enforcement enabled✔️
Reduced performance
User acceptance

Correct Answer Explanation

Monitor-only mode allows DLP to identify potential data loss but takes no action to prevent it. While monitoring provides valuable visibility, the system is not preventing data loss—its primary purpose. Organizations often intend to move from monitor to enforce mode but remain in monitor indefinitely, providing false security belief without actual protection.

More Options